CVE & Exploit Intelligence Database

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked · 53,219 with exploits · 4,686 exploited in wild · 1,539 CISA KEV · 3,912 Nuclei templates · 37,757 vendors · 42,422 researchers
58 results
CVE-2026-30785 EPSS 0.00
RustDesk Client - Info Disclosure
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, macOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files hbb_common/src/password_security.rs, hbb_common/src/config.rs, hbb_common/src/lib.rs (get_uuid), machine-uid/src/lib.rs and program routines symmetric_crypt(), encrypt_str_or_original(), decrypt_str_or_original(), get_uuid(), get_machine_id(). This issue affects RustDesk Client: through 1.4.5.
CWE-323 Mar 05, 2026
CVE-2026-20128 7.5 HIGH EXPLOITED EPSS 0.00
Cisco Catalyst SD-WAN Manager - Privilege Escalation
A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA user privileges on an affected system. To exploit this vulnerability, the attacker must have valid vmanage credentials on the affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An attacker could exploit this vulnerability by accessing the filesystem as a low-privileged user and reading the file that contains the DCA password from that affected system. A successful exploit could allow the attacker to access another affected system and gain DCA user privileges. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability.
CWE-257 Feb 25, 2026
CVE-2025-57796 6.8 MEDIUM 1 Writeup EPSS 0.00
Explorance Blue <8.14.12 - Info Disclosure
Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained.
CWE-257 Jan 28, 2026
CVE-2025-14295 EPSS 0.00
Automated Logic WebCTRL <9.0, Carrier i-Vu <9.0 - Info Disclosure
Storing Passwords in a Recoverable Format vulnerability in Automated Logic WebCTRL on Windows, Carrier i-Vu on Windows. Storing Passwords in a Recoverable Format vulnerability (CWE-257) in the Web session management component allows an attacker to access stored passwords in a recoverable format which makes them subject to password reuse attacks by malicious users. This issue affects WebCTRL: from 6.0 through 9.0; i-Vu: from 6.0 through 9.0.
CWE-257 Jan 22, 2026
CVE-2025-8307 EPSS 0.00
Asseco InfoMedica - Code Injection
Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. Passwords of all users are stored in a database in an encoded format. An attacker in possession of these encoded passwords is able to decode them by using an algorithm embedded in the client-side part of the software. This vulnerability has been fixed in versions 4.50.1 and 5.38.0.
CWE-257 Jan 08, 2026
CVE-2025-34180 EPSS 0.00
NetSupport Manager <14.12.0001 - Info Disclosure
NetSupport Manager < 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The key is stored using a reversible encoding scheme. An attacker who obtains access to a deployed client configuration file can decode the stored value to recover the plaintext Gateway Key. Possession of the Gateway Key allows unauthorized access to NetSupport Manager connectivity services and enables remote control of systems managed through the same key.
CWE-257 Dec 15, 2025
CVE-2025-40774 4.4 MEDIUM EPSS 0.00
SiPass integrated < V3.0 - Info Disclosure
A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server applications store user passwords encrypted in its database. Decryption keys are accessible to users with administrative privileges, allowing them to recover passwords. Successful exploitation of this vulnerability allows an attacker to obtain and use valid user passwords. This can lead to unauthorized access to user accounts, data breaches, and potential system compromise.
CWE-257 Oct 14, 2025
CVE-2025-35054 5.3 MEDIUM EPSS 0.00
Newforma Info Exchange - Privilege Escalation
Newforma Info Exchange (NIX) stores credentials used to configure NPCS in 'HKLM\Software\WOW6432Node\Newforma\<version>\Credentials'. The credentials are encrypted but the encryption key is stored in the same registry location. Authenticated users can access both the credentials and the encryption key. If these are Active Directory credentials, an attacker may be able to gain access to additional systems and resources.
CWE-522 Oct 09, 2025
CVE-2025-0280 7.5 HIGH EPSS 0.00
HCL Compass - Privilege Escalation
A security vulnerability in HCL Compass can allow an attacker to gain unauthorized database access.
CWE-257 Sep 03, 2025
CVE-2025-58049 5.8 MEDIUM 1 Writeup EPSS 0.00
XWiki Platform <16.4.8-17.4.0-rc-1 - Info Disclosure
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions from 14.4.2 to before 16.4.8, 16.5.0-rc-1 to before 16.10.7, and 17.0.0-rc-1 to before 17.4.0-rc-1, the PDF export jobs store sensitive cookies unencrypted in job statuses. XWiki shouldn't store passwords in plain text, and it shouldn't be possible to gain access to plain text passwords by gaining access to, e.g., a backup of the data directory. This vulnerability has been patched in XWiki 16.4.8, 16.10.7, and 17.4.0-rc-1.
CWE-212 Aug 28, 2025
CVE-2025-57789 5.4 MEDIUM NUCLEI EPSS 0.07
Default Credential - Privilege Escalation
During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured.
CWE-257 Aug 20, 2025
CVE-2025-8904 8.5 HIGH EPSS 0.00
Amazon EMR <7.5 - Privilege Escalation
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR version 7.5 or higher. For Amazon EMR releases between 6.10 and 7.4, we strongly recommend that you run the bootstrap script and RPM files with the fix provided in the location below.
CWE-257 Aug 13, 2025
CVE-2025-44958 5.3 MEDIUM EPSS 0.00
RUCKUS Network Director <4.5 - Info Disclosure
RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format.
CWE-257 Aug 04, 2025
CVE-2025-6996 8.4 HIGH EPSS 0.00
Ivanti Endpoint Manager <2024 SU3, 2022 SU8 SU1 - Info Disclosure
Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.
CWE-257 Jul 08, 2025
CVE-2025-6995 8.4 HIGH EPSS 0.00
Ivanti Endpoint Manager <2024 SU3, 2022 SU8 SU1 - Info Disclosure
Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.
CWE-257 Jul 08, 2025
CVE-2025-27459 4.4 MEDIUM EPSS 0.00
VNC - Info Disclosure
The VNC application stores its passwords encrypted within the registry but uses DES for encryption. As DES is broken, the original passwords can be recovered.
CWE-257 Jul 03, 2025
CVE-2024-51552 6.0 MEDIUM EPSS 0.00
ASPECT <3.* - Info Disclosure
Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CWE-257 May 22, 2025
CVE-2025-25983 3.4 LOW 1 Writeup EPSS 0.00
Macro-video Technologies Co.,Ltd V380 Pro <2.1.64 - Info Disclosure
An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QR code based sharing component.
CWE-656 Apr 18, 2025
CVE-2024-32122 2.3 LOW EPSS 0.00
Fortinet FortiOS <7.4.8 - Info Disclosure
A storing passwords in a recoverable format vulnerability in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows an attacker to cause information disclosure via modification of the LDAP server IP to point to a malicious server.
CWE-257 Apr 08, 2025
CVE-2025-24852 4.6 MEDIUM EPSS 0.00
CHOCO TEI WATCHER mini - Info Disclosure
Storing passwords in a recoverable format issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, an attacker who can access the microSD card used on the product may obtain the product login password.
CWE-257 Mar 31, 2025